Automatic speaker verification (ASV) is one of the most natural and convenient means of biometric person recognition. Unfortunately, just like all other biometric systems, ASV is vulnerable to spoofing, also referred to as “presentation attacks.” These vulnerabilities are generally unacceptable and call for spoofing countermeasures or “presentation attack detection” systems. In addition to impersonation, ASV systems are vulnerable to replay, speech synthesis, and voice conversion attacks.

The ASVspoof challenge initiative was created to foster research on anti-spoofing and to provide common platforms for the assessment and comparison of spoofing countermeasures. The first edition, ASVspoof 2015, focused upon the study of countermeasures for detecting of text-to-speech synthesis (TTS) and voice conversion (VC) attacks. The second edition, ASVspoof 2017, focused instead upon replay spoofing attacks and countermeasures. The ASVspoof 2019 edition is the first to consider all three spoofing attack types within a single challenge. While they originate from the same source database and same underlying protocol, they are explored in two specific use case scenarios. Spoofing attacks within a logical access (LA) scenario are generated with the latest speech synthesis and voice conversion technologies, including state-of-the-art neural acoustic and waveform model techniques. Replay spoofing attacks within a physical access (PA) scenario are generated through carefully controlled simulations that support much more revealing analysis than possible previously. Also new to the 2019 edition is the use of the tandem detection cost function metric, which reflects the impact of spoofing and countermeasures on the reliability of a fixed ASV system. This paper describes the database design, protocol, spoofing attack implementations, and baseline ASV and countermeasure results. It also describes a human assessment on spoofed data in logical access. It was demonstrated that the spoofing data in the ASVspoof 2019 database have varied degrees of perceived quality and similarity to the target speakers, including spoofed data that cannot be differentiated from bona fide utterances even by human subjects. It is expected that the ASVspoof 2019 database, with its varied coverage of different types of spoofing data, could further foster research on anti-spoofing.

自动说话者验证（ASV）是生物特征识别人的最自然，最便捷的方法之一。不幸的是，与所有其他生物识别系统一样，ASV也容易受到欺骗的攻击，也被称为“演示攻击”。这些漏洞通常是不可接受的，因此需要采取欺骗对策或“演示攻击检测”系统。除了模拟以外，ASV系统还容易受到重放，语音合成和语音转换攻击的攻击。

ASVspoof挑战计划的创建是为了促进反欺骗研究，并为评估和比较欺骗对策提供通用平台。第一版《 ASVspoof 2015》重点研究了用于检测文本语音转换（TTS）和语音转换（VC）攻击的对策。第二版《 ASVspoof 2017》重点关注重播欺骗攻击和对策。ASVspoof 2019版本是第一个在单个挑战中考虑所有三种欺骗攻击类型的应用程序。尽管它们源自相同的源数据库和相同的基础协议，但在两个特定的用例场景中对其进行了探讨。逻辑访问中的欺骗攻击（LA）场景是使用最新的语音合成和语音转换技术生成的，其中包括最新的神经声学和波形模型技术。重播物理访问中的欺骗攻击（PA）场景是通过精心控制的模拟生成的，该模拟支持比以往更多的揭示性分析。串联检测成本函数度量标准的使用也是2019版的新功能，它反映了欺骗和对策对固定ASV系统可靠性的影响。本文介绍了数据库设计，协议，欺骗攻击的实现以及基准ASV和对策结果。它还描述了对逻辑访问中的欺骗数据的人工评估。事实证明，ASVspoof 2019数据库中的欺骗数据具有不同程度的感知质量和与目标说话者的相似性，包括即使是人类受试者也无法与真实话语区分开的欺骗数据。预计ASVspoof 2019数据库，